SSH authentication keys are a way to provide authentication without sending a password to the server. Instead, you use a passphrase to unlock a private key on your computer, and this is matched with a public key placed on the server. (Yes, literally public. I've posted my public key on this website for anyone to see.)
Regardless of your platform or tools used, you should create an ED25519 key, and use either your username or email address as the key comment. Treat your private key file like a password, because that's what it is, except that it can be much more powerful and is a lot more difficult to change than a password.
Basic Web Projects with Git and Visual Studio Code
Added May 2021. This new video covers the following topics:
- Install Git on Windows.
- Create ssh keys for authentication.
- Load ssh agent in git bash.
- Create and clone a new project.
- Make changes and push to remote repository.
This is covered in detail in the video, but here are some screenshots that show the details and commands for generating ssh keys.
To generate a new key:
ssh-keygen -o -a 100 -t ed25519 -C 'micah_220112'
To view the contents of your key for copying:
Windows and Linux
If you are on Windows or Linux, create (or append) your .bashrc file to contain the following commands:
eval $(ssh-agent -s) ssh-add ~/.ssh/id_ed25519
Exit your bash session and reopen. You should be prompted for the passphrase to your private key.
The following steps will set up MacOS to use your private key automatically.
Store passphrase in the Keychain
In the latest version of MacOS (12.0 Monterey), just do this once:
ssh-add --apple-use-keychain ~/.ssh/id_ed25519
Or in versions of MacOS older than 12.0 Monterey, use:
ssh-add -K ~/.ssh/id_ed25519
Enter your key passphrase, and you won't be asked for it again.
Configure SSH-agent to always use MacOS Keychain
Create a file .ssh/config (under your home directory) to contain the following settings:
Host * AddKeysToAgent yes UseKeychain yes IdentityFile ~/.ssh/id_ed25519
Once you've done this, MacOS should take care of starting the agent, and will allow you to store the key's passphrase in Keychain so you won't have to type it in the future.
Setup on Linux is only slightly more difficult. Create keys using ssh-keygen as described above, but then you must start ssh-agent and add keys in order to use it. Methods vary, so search Google for instructions.
Ubuntu for Windows
If you use Ubuntu for Windows, creating keys is the same as for MacOS and Linux. You can install the debian keychain package to get the ssh agent running, as described in this post.
Testing your setup
Use the ssh-copy-id to copy your key to the HFC cislinux server.
After a successful copy, test the connection. The server should not prompt you for a password, because your private key (running in the agent) is your password now.
For more information about using git for software products, and for some important git settings, please see Getting Started with Git.